From: Evan Hunt Date: Thu, 1 Sep 2022 23:34:21 +0000 (-0700) Subject: CHANGES and release notes for [GL #3523] X-Git-Tag: v9.16.37~4^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9fed0e01159d78ea9e349d857d89d8473f2cdc44;p=thirdparty%2Fbind9.git CHANGES and release notes for [GL #3523] (cherry picked from commit 991de0aa7612cca50eae26b92b764cd5e37a3179) --- diff --git a/CHANGES b/CHANGES index b745a7d0e55..ad5c34c8362 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,12 @@ +6064. [security] An UPDATE message flood could cause named to exhaust all + available memory. This flaw was addressed by adding a + new "update-quota" statement that controls the number of + simultaneous UPDATE messages that can be processed or + forwarded. The default is 100. A stats counter has been + added to record events when the update quota is + exceeded, and the XML and JSON statistics version + numbers have been updated. (CVE-2022-3094) [GL #3523] + 6062. [func] The DSCP implementation, which has only been partly operational since 9.16.0, is now marked as deprecated. Configuring DSCP values in named.conf diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index a72ee574372..6ce4145851f 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst 
@@ -15,12 +15,25 @@ Notes for BIND 9.16.37 Security Fixes ~~~~~~~~~~~~~~ -- None. +- An UPDATE message flood could cause :iscman:`named` to exhaust all + available memory. This flaw was addressed by adding a new + ``update-quota`` option that controls the maximum number of + outstanding DNS UPDATE messages that :iscman:`named` can hold in a + queue at any given time (default: 100). (CVE-2022-3094) + + ISC would like to thank Rob Schulhof from Infoblox for bringing this + vulnerability to our attention. :gl:`#3523` New Features ~~~~~~~~~~~~ -- None. +- The new ``update-quota`` option can be used to control the number of + simultaneous DNS UPDATE messages that can be processed to update an + authoritative zone on a primary server, or forwarded to the primary + server by a secondary server. The default is 100. A new statistics + counter has also been added to record events when this quota is + exceeded, and the version numbers for the XML and JSON statistics + schemas have been updated. :gl:`#3523` Removed Features ~~~~~~~~~~~~~~~~
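Review bot: In the CHANGES hunk, entry 6064 says "A stats counter has been added to record events when the update quota is exceeded" but never names the counter, so an operator reading CHANGES cannot tell which XML/JSON statistics field to watch or alert on; please add the counter's name as it appears in the statistics channel output, and mention that the schema version numbers changed so that tooling which parses the XML or JSON statistics may need updating. Also, this entry calls `update-quota` a "statement" while the release-note hunk calls it an "option"; the two should use the same term.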
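Review bot: The two new entries in the notes-current.rst hunk describe the same ``update-quota`` setting in different terms: the Security Fixes entry says it limits "the maximum number of outstanding DNS UPDATE messages that named can hold in a queue at any given time", while the New Features entry says it limits "the number of simultaneous DNS UPDATE messages that can be processed ... or forwarded". A reader cannot tell from this whether the quota caps queued messages, in-flight messages, or both; pick one description and use it in both entries, and consider pointing to the reference manual section for ``update-quota`` so operators know at which configuration scope the statement is accepted and what happens to UPDATE requests that arrive once the quota is exhausted.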